/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package br.ufjf.pos.controller;

import br.ufjf.pos.model.Usuario;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.catalina.Session;

/**
 *
 * @author cleber
 */
public class controllerFacade extends HttpServlet {

    /**
     * Processes requests for both HTTP
     * <code>GET</code> and
     * <code>POST</code> methods.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        PrintWriter out = response.getWriter();        
        
        String acao = request.getParameter("action");
        boolean acesso;
        
        HttpServletRequest req = (HttpServletRequest) request;
        HttpSession sessao = req.getSession();
        
        
        Usuario usr = (Usuario) sessao.getAttribute("usuario");
        
        
        acesso = isPermiteAcesso(request);
        if (acesso == true && !acao.equals("SalvaUsuario") ){
            if (usr.getIdNivelAcesso() == 2) {
                acesso = isPermiteAcessoMedico(request);
            }else{
                acesso = isPermiteAcessoAtendente(request);
            }
        }
        
        if(acesso){
            RequestDispatcher rd = request.getRequestDispatcher(acao + "Action");
            rd.forward(request, response);
        }else{
            RequestDispatcher rd = request.getRequestDispatcher("sem_acesso.jsp");
            request.setAttribute("msg", "Sessão Encerrada ou Senha/Login incorreto.</br> Tente novamente!");
            rd.forward(request, response);
        }
    }
    
    private boolean isPermiteAcesso(HttpServletRequest request)
    {
        String acao = request.getParameter("action");
        
        HttpServletRequest req = (HttpServletRequest) request;
        //HttpServletResponse res = (HttpServletResponse) response;        
        HttpSession sessao = req.getSession();
        
        if (acao.equals("SalvaUsuario")){
            return true;
        }
        else if(sessao == null || sessao.getAttribute("Logado") == null){
            RequestDispatcher rd = request.getRequestDispatcher("sem_acesso.jsp");
            return false;
        }else{
            return true;
        }
    }
    private boolean isPermiteAcessoMedico(HttpServletRequest request)
    {
        String acao = request.getParameter("action");
        boolean permitirAcesso = false;
        
        HttpServletRequest req = (HttpServletRequest) request;
        //HttpServletResponse res = (HttpServletResponse) response;        
        HttpSession sessao = req.getSession();
        
        if (acao.equals("SalvaUsuario")){
            permitirAcesso = true;
        }
        else if (acao.equals("AlterarSenha")){
            permitirAcesso = true;
        }
        else if (acao.equals("AgendarAtendimento")){
            permitirAcesso = false;
        }
        else if (acao.equals("listaFaturamentoMes")){
            permitirAcesso = true;
        }
        else if (acao.equals("SalvaProcedimentoAtendimento")){
            permitirAcesso = true;
        }
        else if (acao.equals("SalvaProcedimento")){
            permitirAcesso = true;
        }
        
        
        return permitirAcesso;
    }
    private boolean isPermiteAcessoAtendente(HttpServletRequest request)
    {
        String acao = request.getParameter("action");
        boolean permitirAcesso = true;
        
        HttpServletRequest req = (HttpServletRequest) request;
        //HttpServletResponse res = (HttpServletResponse) response;        
        HttpSession sessao = req.getSession();
        
        if (acao.equals("SalvaProcedimentoAtendimento")){
            permitirAcesso = false;
        }
        else if (acao.equals("listaFaturamentoMes")){
            permitirAcesso = false;
        }
        
        return permitirAcesso;
    }

    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    /**
     * Handles the HTTP
     * <code>GET</code> method.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /**
     * Handles the HTTP
     * <code>POST</code> method.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /**
     * Returns a short description of the servlet.
     *
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>
}
